Sunday, May 1, 2011

How to find a target to your needs

Sometimes we find a crazy security hole and want to test if this is not just on our maschine. Or we just need a mail Server to try something out... Whatever sometimes we need a Target to our wishes.

And damn, there is an easy way how to find!
http://www.shodanhq.com/

You can Search like "port:22" or just "netgear". If you register (free) you will get more results and special ready to use search querys ^^

How to make a DDoS attack with an free Internet Tool

If you want to DDoS a Website, but dont have a good Computer to do so. Just use the free Webservice from http://loadimpact.com/

How to find lists with valid e-mail adresses with google

To do so just Google:

filetype:ctt "hotmail"

How to create an GTK Dialog Window from Terminal or Script

The answer is zenity!

Just take a look at this example:

zenity --warning --text "Example Warning\!\nSecond row...." --title "Example Title"

How to easily extract everything from Unix/Linux Shell

I dont know where i found this part of gold :D But its amazing and makes using your Shell on Desktop or Server much more easy.

Just add the following to your ~/.bashrc file:


extract () {
    if [ -f $1 ] ; then
        case $1 in
            *.tar.bz2)   tar xvjf $1        ;;
            *.tar.gz)    tar xvzf $1     ;;
            *.bz2)       bunzip2 $1       ;;
            *.rar)       unrar x $1     ;;
            *.gz)        gunzip $1     ;;
            *.tar)       tar xvf $1        ;;
            *.tbz2)      tar xvjf $1      ;;
            *.tgz)       tar xvzf $1       ;;
            *.zip)       unzip $1     ;;
            *.Z)         uncompress $1  ;;
            *.7z)        7z x $1    ;;
            *)           echo "'$1' cannot be extracted" ;;

        esac

    else

        echo "'$1' is not a valid file"

    fi

}

How to easily create an Webserver in any Path

This can be very useful in some time. Easily create an Webserver in any path you want using a simple Python Command
python -c "import SimpleHTTPServer;SimpleHTTPServer.test()"
Make an Shortcut using:
alias webshare='python -c "import SimpleHTTPServer;SimpleHTTPServer.test()"'

How to DDoS Tutorial

So you want to DDoS something?
First please ask yourself why you want to do that?

DDoS can be very strong and effective. It also can be very poor and nonsense. Think about why you want to do that. If you use it only to protect your Personal rights and freedom then you can read the rest.

If you want to show your bro's how cool you are, get a sexy girlfriend or something this isnt the right way to do so.

And another thing, i dont get to deep in details. Just use Google, Google is your friend.


Who/What do i want to DDoS?

Keep youre plan real. So do you think you can alone DDoS something in the Amazon Cloud? You need firepower or you need a poor Target (you may kill a little  VPS by your own :P) 

Another serius question is which Port? Do an port Scan to clear that question. If you use Linux just:
nmap target.com 
Note SSL is mostly more effective. So may try port 443 instead of 80 and so on.



How to DDoS now?

You need a tool. Firstly you have to know which Operating System you use. I think you can answer this question. If youre running Linux this is perfect! You got everything you need to DDoS in full Power mode! Windows... yeah ... dudes just get Linux.

So now we know which Operating System we have ^^  

Now we need a good tool!
Windows users please note that many tools from Hackerforums and several download Sites are Backdoored and you will install an trojan + the tool. so try to find orginal resources!


Skiddies at the moment swear on LOIC. I dont think thats an really good Tool, but it has a GUI and is very easy to use.

if it is an Apache Webserver. Stop reading here and go to How to install and use Slowloris on Linux or try QSlowLoris, PyLoris or several.

If you know how to use a Shell try Pentbox its an amazing tool with unique features and a very good DDoS Syn flooder. Also its written in Ruby <3

If you are an X-Nerd and want the most direct Linux way, take a look at the package hping, example attack:
hping -i u1 -S -p 80 target.ip.or.domain


This are the most popular Tools at the moment. If you doing right you will have mighty tools in your hands.  Be nice <3